Adding Root Certificates to Android Phone with root access

August 23, 2011 at 22:24 (Computer) (, , , )

Yeah, after being really busy with my real life, here is another intresting trick for you:

How to get some more root certificates on an android phone where you have root acces (or, at least, you can start & use root explorer).

Some background info:
I use a funabol community server to keep my phone’s and outlook’s in sync and recently my colleague sven did a great job converting my HTC HD2 with winmobile to Android 2.x (kudo’s to him! thanks!).

Update on 2011-12-27: I changed the client to allow self-signed certificates: here

The challenge is that if you use funabol with self signed ssl certificates you need to get those recognized by android which is a really complicated task if you don’t know how.  But here we go:

What you need before (and what i don’t describe):

Our steps include:

  1. Export the certificate out of the funambol java keystore
  2. Get the cacert.bks from the android device
  3. modify the cacerts.bks of android
  4. reboot and finished

Step 1 – Export the funambol certificate

  • Execute  “%JAVA_HOME%\bin\keytool -export -alias tomcat -file myroot.cer”  (in-detail like here)
  • copy the myroot.cer to the SD-Card of the android device (or download to another computer)

Step 2

  • insert the SD-Card to the android device, startup root explorer and navigate to /etc/security/
  • copy the file cacert.bks
  • navigate to /sd-card and paste the file
  • insert to another computer
  • Go and execute the Portecle Keytool and open the cacerts.bks from your SD-Card
  • When promtes for a password, just hit enter
  • go to Tools -> Import Key Pair   and select your myroot.cer, give it any name you want
  • save the cacerts.bks
  • re-insert the SD-Card to android device
  • open up root explorer, head to /sd-card, copy, paste to /etc/security/
  • make sure root explorer show “mounted as r/w” in the header of the program.
  • set permissions of the newly copied cacert.bks to rw-r–r– (owner,group,other: read     owner:write)

Step 3

  • double check if the permissions of cacerts.bks are set correctly to rw-r–r–
  • restart the phone
  • funambol sync should now complete.

Have phun to be in sync!

P.S. Keep in touch! the next xbee’s blogpost’s are half-way written, but i really don’t have time ATM… sry

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: